mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-27 06:44:07 -06:00
vault backup: 2022-09-05 12:56:17
This commit is contained in:
Jet Hughes
parent
2b5cd0021a
commit
fc61997665
29
content/notes/ass01-security-audit.md
Normal file
29
content/notes/ass01-security-audit.md
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
title: "ass01-security-audit"
|
||||
aliases:
|
||||
tags:
|
||||
- assignment
|
||||
- comp210
|
||||
---
|
||||
|
||||
|
||||
Jet Hughes - 9474308
|
||||
|
||||
# Summary of system
|
||||
- function
|
||||
- technology
|
||||
|
||||
# Flaws
|
||||
## Password policy
|
||||
- must have at least 5 characters and one digit.
|
||||
- not suffiecient
|
||||
|
||||
## SQL Injection
|
||||
- can log in to admin using username: " 'or 1=1;--"
|
||||
- we are able to extract data which is displayed as the users username
|
||||
-
|
||||
|
||||
## Javascript Injection
|
||||
## Path traversal
|
||||
## Network-Level security
|
||||
## Other
|
||||
Loading…
Reference in New Issue
Block a user